Skip to content
This repository has been archived by the owner on Apr 24, 2024. It is now read-only.

Latest commit

 

History

History
60 lines (46 loc) · 2.77 KB

02obtain_access_tokens.md

File metadata and controls

60 lines (46 loc) · 2.77 KB
Raw

How to obtain access tokens?

In this guide it will be explained how to obtain access tokens and make requests to the backend while developing.

Be careful not to leak your username/password or access_token during the following steps.

Using Postman

A more in depth explanation about Postman and OAuth 2.0 can be found in the Postman documentation.

Using Curl

The following request should work without problems:
curl 'http://localhost:8080/api/config' -f

The following request should fail:
curl 'http://localhost:8080/api/seeds' -f

We need to obtain an access token before we are able to make requests to secured endpoints via curl.
We can do this using the Resource Owner Password Flow:

curl --request POST \
  --url 'https://auth.permaplant.net/realms/PermaplanT/protocol/openid-connect/token' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=password \
  --data 'username={username}' \
  --data 'password={password}' \
  --data 'client_id=localhost'

The response should be JSON containing a key access_token.
Copy the access token.
You can now make the request like the following:
curl 'http://localhost:8080/api/seeds' -H "authorization: Bearer {access_token}"

Note that the token is only valid for 5 minutes after which you have to refresh it with the same curl command again.

Other ways

You can find other ways of obtaining tokens using the Resource Owner Password Flow here.